package com.xlh.wjdcserver.interceptor;

import com.common.context.BaseContext;
import com.common.property.JwtProperty;
import com.common.util.JwtUtil;
import io.jsonwebtoken.Claims;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import java.util.concurrent.TimeUnit;


@Component
@Slf4j
public class JwtTokenInterceptor implements HandlerInterceptor {

    @Autowired
    private JwtProperty jwtProperty;

    @Autowired
    private RedisTemplate redisTemplate;

    /**
     * 校验jwt
     *
     * @param request
     * @param response
     * @param handler
     * @return
     * @throws Exception
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {


        // 只要路径是 /user/login 路径，就直接放行
        log.info("拦截器 requestURI: {}", request.getRequestURI());
        String requestURI = request.getRequestURI();
        if (requestURI.startsWith("/user/login") ||
                requestURI.startsWith("/user/qlogin") ||
                requestURI.startsWith("/WriteAnswer/") ||
                requestURI.startsWith("/answer/addAnswer")) {
            return true; // 直接放行这些路径
        }


        //System.out.println("当前线程的id：" + Thread.currentThread().getId());

        //判断当前拦截到的是Controller的方法还是其他资源
        if (!(handler instanceof HandlerMethod)) {
            //当前拦截到的不是动态方法，直接放行
            return true;
        }

        //1、从请求头中获取令牌
        String token = request.getHeader(jwtProperty.getAdminTokenName());

        //2、校验令牌
        try {
            log.info("jwt校验:{}", token);
            Claims claims = JwtUtil.parseJWT(jwtProperty.getAdminSecretKey(), token);
            String empId = claims.get("userid").toString();
            String key = "login:token:" + empId;
            String redisToken = (String) redisTemplate.opsForValue().get(key);
            if (redisToken == null || !redisToken.equals(token)) {
                response.setStatus(401);
                return false;
            }
            log.info("当前员工id：", empId);
            BaseContext.setCurrentId(empId);

            redisTemplate.expire(key, jwtProperty.getAdminTtl(), TimeUnit.MILLISECONDS);

            //3、通过，放行
            return true;
        } catch (Exception ex) {
            //4、不通过，响应401状态码
            response.setStatus(401);
            return false;
        }
    }
}
